The open banking, CDR story

December 2024
M	T	W	T	F	S	S
						1
2	3	4	5	6	7	8
9	10	11	12	13	14	15
16	17	18	19	20	21	22
23	24	25	26	27	28	29
30	31
« Nov		Jan »

Published on the 21/11/2024 | Written by Heather Wright

A/NZ positioning and international consistency…

Can New Zealand beat Australia to the punch with a successful Consumer Data Right?

It was a question asked a number of times at this week’s Payments NZ conference.

“Our CDR needs to connect with other foundational systems – identity, payments and data sharing are three lanes of our digital economy highway.”

Australia’s Scott Farrell, who led Australian Government Reviews which designed and developed the country’s open banking and consumer data right framework and modernised its payments regulation, was coy when asked directly whether New Zealand was behind the rest of the world given the country’s smaller economy, doing his utmost to avoid answering the question directly at this week’s Payments NZ The Point conference.

“That sounds like a landmine you just planted for me!,” he exclaimed before noting that it was seven years ago that he handed over his Australian Open Banking report to the Treasurer.

“At that point in time we didn’t have much at all. You can’t be further back than that.”

It became law in 2019.

“Well you’re pretty close to that. Then you go further and say did we have all this other work done at that stage? No, we didn’t.

“It would surprise me if given all the work you have done and how far you have come, you could manage to be further behind us than five years before we even started thinking about it. I don’t think you can be that far behind because it is your journey.

“When our paths cross – when you are on exactly the same part as us – that will be very, very soon indeed.”

Andrew Dentice, technology partner and lawyer at Hudson Gavin Martin, was far less coy.

“I don’t think we’re behind at all. For those exact reasons. Actually, the legislative framework we have got is nice and simple compared to some other jurisdictions, we’ve learned from some mistakes, we’ve actually got use cases in other jurisdictions that we can look for that they can come in, we’ve got the great work the API Centre has done on all the technical stuff, so we have a chance to leapfrog.”

The comments came just hours after New Zealand’s Commerce and Consumer Affairs minister Andrew Bayly told the finance sector to ‘just get on with it’ rather than waiting for the government regulation to modernise banking and payments.

He told attendees at the conference that while the government needed to put in the right frameworks ‘or whatever’ it didn’t want to over-regulate.

“This has got to be for industry, by industry,” he says.

Payments initiation API launched in New Zealand in May, with the account information API also now available, and the four major banks expected to start working with registered third parties to share their APIs for account information. BNZ has already begun doing so.

Phil Cass, API Centre manager, says across the four banks there are now 15 bilateral agreements to enable third parties to use standardised APIs to offer more banking services to customers.

But he admits there is still a lot more work to do.

“Going forward in 2025 we have an implementation plan, [and building] more functionality for API standards and an ecosystem with greater depth,” he says.

“Have we got it right? We have got it as right as we can at the moment, but we will iterate. We have something to build on. Now is the time to hold our nerves and keep going.”

Iteration – and often complete change – has been the name of the game in Australia too. Last week Australian Assistant Treasurer Stephen Jones announced consumer data right (CDR) rule changes to drive consumer uptake, and the doubling of the trial period for energy market to 24 months, alongside a doubling of customers involved.

Farrell acknowledged that Australia has had to ‘carefully consider’ its direction ‘so many times’.

“Between when the CDR data sharing went live in 2002 and this time last year, we have had three major reviews, five privacy impact assessments, seven sets of revisions to our rules, 16 consultations on policy, regulatory and legislative changes and 20 versions of our standards,” he says.

Four key areas for change have been around enhancing participation, simplifying compliance, expanding scope and deepening functionality.

On the participation front, he noted that rules and technology do nothing unless businesses participate, requiring a careful balance between ensuring trustworthiness of participants, while still encouraging participation.

“Initially we went a little overboard on accountability,” he admits. That saw a requirement that everyone had to be fully accredited. Two years later, that was revised.

“We put changes into place to introduce indirect participation and most prominently from representatives so accredited participants could appoint someone to do something on their behalf. And there are now 150 of those and less than 50 fully accredited participants.”

Focusing on data sets that link to a particular use case, rather than a sector, and adding action initiation to enable switching of providers and the like, rather than just making payments were also key.

As to where to next, Farrell says like New Zealand, Australia has ‘a lot of digital economy balls in the air at the moment’.

“We have CDR, the new digital ID regime, reform to payments and other digital financial services. We also have data protection changes, our privacy laws and new cybersecurity and anti-scam regimes. They are all foundations of our digital economy.

“But as important as they are, they’re confusing the heck out of a lot of Australians.”

That confusion runs the risk of alienating many so they don’t get the benefits.

“My personal view is our CDR needs to connect with these other foundational systems – identity, payments and data sharing are three lanes of our digital economy highway.

“We need to make sure it is a single integrated highway system, so customers can easily change lanes and drive at their own speed not the speed the private, or public, sector tells them they should drive at.”

Farrell, stressing that ‘this is just Scott talking’ also urged international digital consistency and community.

“In my personal opinion, establishing connections to promote cross border consistency, connectivity and community are critical to benefit customers and the businesses that serve them.”

That doesn’t mean cross border conformity, however.

“You don’t need to use our stuff to do this. Knock yourself out and take whatever is good, but cultures are different and data sharing frameworks are too.

“What needed is alignment and consistency so businesses can provide cross border services to customers so businesses in NZ, for example, get access to our Australian customer base and vice versa. And we can get access to the British customer base and vice versa and the Canadian customer base, so our citizens get lot of potential offerings from people they can trust and who are regulated to be trust worthy.”

Sound a big ask? Not to Farrell.

“I reckon it can be easier than many people think. There are different approaches including common and international standards, streamlined path for accreditations and similar design principles. Also simply sharing insights onto the paths taken and the lessons learned, especially just across the Tasman – that should be helpful, and I reckon it is worth a try.”

MORE NEWS: